Grafana Labs confirmed on May 19, 2026 that the intrusion detected at the beginning of the month did not compromise the production systems or the operation of Grafana Cloud, but did affect its GitHub environment, including public and private repositories with source code and internal documents. The breach originated in the npm ecosystem supply chain associated with TanStack and was exploited by the group known as TeamPCP, the same actor that has hit other large organizations in recent weeks.
The details the company has made public offer a clear lesson about the modern attack surface: not only the code being deployed matters, but also the operational assets stored on collaborative platforms. Grafana explains that, in addition to code, repositories used for internal coordination and professional contact data were downloaded. A workflow token that was not rotated allowed access to repositories that were initially considered unaffected, which highlights the risk of relying on "not impacted" assumptions without full technical verification.

The episode fits into a broader trend of attacks on the software supply chain and on development platforms: actors such as TeamPCP exploit dependencies, malicious packages and automated credentials to scale their reach and obtain sensitive assets. GitHub is also investigating unauthorized access to its own internal repositories, which reinforces that these intrusions can have systemic effects beyond a single company. For context on the nature of these threats and on mitigation practices, the guides and advisories of security platforms and agencies are useful; for example, GitHub's security documentation and CISA's supply chain security section provide practical recommendations (GitHub Blog, CISA: Supply Chain Security).
After detecting the activity on 11 May, Grafana rotated numerous tokens and audited commits, and on 16 May received an extortion demand, which it decided not to pay for the simple reason that payment does not guarantee deletion of the data and also encourages future campaigns. The decision reaffirms an increasingly common position among informed victims: paying does not solve the structural problem or reduce the long-term reputational damage, and it can expose the organization to further extortion.
What are the implications for companies and development teams? First, that controls around automation and tokens should be as strict as those for human credentials: least-privilege policies, short-lived tokens, OpenID Connect for CI/CD flows and continuous auditing of workflows. Second, internal repositories and operational documentation should be treated as sensitive data; their exposure can facilitate social engineering, corporate identity impersonation and targeted attacks even if production services have not been touched.

For security leads and developers, concrete technical measures are appropriate: review and revoke inactive tokens and credentials, enable multi-factor authentication and conditional access policies, migrate automated actions to minimally scoped credentials, apply dependency scanning and package signing, maintain software inventories (SBOMs) and monitor repository changes in real time with alerts and correlation in the SIEM. In addition, auditing historical commits and continuous integration hooks may reveal earlier compromises that a one-off rotation does not fully correct.
Open source organizations and package maintainers should also take note: trust in the npm ecosystem requires controls on package publication and verification, dependency review policies and, where critical, the use of private registries or proxies that filter changes. End users should update dependencies with caution, pin versions and verify the reputation of packages and authors when faced with unexpected changes.
Finally, the public listing of victims by extortion groups on the dark web, such as the appearance of Grafana on sites linked to CoinbaseCartel, is a reminder that organizations should prepare for public exposure and manage it with incident response and clear communication plans. Resilience against supply chain attacks requires both technical controls and legal and communications preparation, and cooperation between platform providers, internal teams and security agencies is essential to contain and mitigate these campaigns.
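The least-privilege, short-lived-token and OpenID Connect recommendations above, shown as an added example that is not Grafana's or the article's own configuration: a GitHub Actions workflow that depends on a long-lived secret beside a hardened version of the same job. The deploy script, cloud role ARN and commit SHAs are placeholders.

```yaml
# --- BEFORE (weak) ---  .github/workflows/deploy.yml
# A personal access token lives in a repository secret. It never expires on its
# own, so forgetting to rotate it after an incident leaves the door open, and
# the default GITHUB_TOKEN keeps broad write permissions on every run.
name: deploy
on: [push]
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4          # floating tag, not a pinned commit
      - run: ./scripts/deploy.sh            # placeholder deploy script
        env:
          DEPLOY_TOKEN: ${{ secrets.DEPLOY_PAT }}   # long-lived, manually rotated
---
# --- AFTER (hardened) ---  .github/workflows/deploy.yml
# No stored cloud secret: the job requests a short-lived OIDC token from GitHub
# and exchanges it for a credential that expires in minutes. GITHUB_TOKEN is
# reduced to read-only, and third-party actions are pinned to commit SHAs so a
# compromised tag cannot inject code into the workflow.
name: deploy
on:
  push:
    branches: [main]
permissions:
  contents: read      # GITHUB_TOKEN may only read the repository
  id-token: write     # required to mint the OIDC token for this job
jobs:
  deploy:
    runs-on: ubuntu-latest
    environment: production   # environment protection rules gate this job
    steps:
      - uses: actions/checkout@0000000000000000000000000000000000000000   # placeholder SHA
      - uses: aws-actions/configure-aws-credentials@0000000000000000000000000000000000000000   # placeholder SHA
        with:
          role-to-assume: arn:aws:iam::123456789012:role/ci-deploy   # placeholder ARN
          role-session-name: gha-${{ github.run_id }}
          aws-region: us-east-1
      - run: ./scripts/deploy.sh            # placeholder; credential is scoped to the role above
```

The cloud-side trust policy must restrict the OIDC `sub` claim to this repository and environment (for example `repo:ORG/REPO:environment:production`); without that constraint any workflow on GitHub could assume the role, and the token-rotation gap described in the incident would simply move from GitHub to the cloud account.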